Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2021/04/13 3:23 p.m.44 views

OS Command Injection in compile-sass

compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...

8.5CVSS3.4AI score0.02266EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2021/04/13 3:22 p.m.44 views

GHSA-53XJ-V576-3CH2 OS Command Injection in giting

giting version prior to 0.0.8 allows execution of arbritary commands. The first argument repo of function pull is executed by the package without any validation...

9.8CVSS9.6AI score0.02397EPSS
Exploits0References4
CVE
CVE
added 2020/02/28 8:42 p.m.130 views

CVE-2019-10802

CVE-2019-10802 affects giting prior to version 0.0.8. The vulnerability arises because the first argument of the pull() function, named repo, is executed by the package without input validation, allowing arbitrary command execution (command injection). Several sources (Red Hat, Snyk, CNVD, GHSA, ...

9.8CVSS9.5AI score0.02397EPSS
Exploits0References2Affected Software1
Cloud Foundry
Cloud Foundry
added 2017/03/14 12:0 a.m.123 views

CVE-2017-5638: Apache Struts Remote Code Execution | Cloud Foundry

Severity Advisory/Critical Vendor Apache Versions Affected Apache Struts 2: 2.3.x versions prior to 2.3.32 2.5.x versions prior to 2.5.10.1 Description The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 1 mishandles file upload, which allows remote...

10CVSS10AI score0.99999EPSS
Exploits44
Rows per page
Query Builder